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Abstract.  When  designing  model-based  fault-diagnosis  systems, 
the  use  of  consistency  relations  (also  called  e.g.  parity  relations)  is 
a common  choice.  Different  subsets  are  sensitive  to  different  subsets 
of  faults,  and  thereby  isolation  can  be  achieved.  This  paper  presents 
an  algorithm  for  finding  a small  set  of  submodels  that  can  be  used  to 
derive  consistency  relations  with  highest  possible  diagnosis  capabil- 
ity. The  algorithm  handles  differential-algebraic  models  and  is  based 
on  graph  theoretical  reasoning  about  the  structure  of  the  model.  An 
important  step,  towards  finding  these  submodels  and  therefore  also 
towards  finding  consistency  relations,  is  to  find  all  minimal  struc- 
turally singular  (MSS)  sets  of  equations.  These  sets  characterize  the 
fault  diagnosability.  The  algorithm  is  applied  to  a large  nonlinear  in- 
dustrial example,  a part  of  a paper  plant.  In  spite  of  the  complexity  of 
this  process,  a small  set  of  consistency  relations  with  high  diagnosis 
capability  is  successfully  derived. 

1 Introduction 

When  designing  model-based  fault-diagnosis  systems,  using  the 
principle  of  consistency  based  diagnosis  [5,  11,  6],  a crucial  step  is 
the  conflict  recognition.  As  shown  in  [3],  conflict  recognition  can  be 
achieved  by  using  pre-computed  consistency  relations  (also  called 
e.g.  analytical  redundancy  relations  or  parity  relations).  With  prop- 
erly chosen  consistency  relations,  different  subsets  of  consistency  re- 
lations are  sensitive  to  different  subsets  of  faults.  In  this  way  isolation 
between  different  faults  can  be  achieved. 

The  systems  considered  in  this  paper  are  assumed  to  be  modeled 
by  a set  of  nonlinear  and  linear  differential-algebraic  equations.  To 
find  consistency  relations  by  directly  manipulating  these  equations  is 
a computationally  complex  task,  especially  for  large  and  nonlinear 
systems.  To  reduce  the  computational  complexity  of  deriving  consis- 
tency relations,  this  paper  proposes  a two-step  approach.  In  the  first 
step,  the  system  is  analyzed  structurally  to  find  overdetermined  sub- 
models. Each  of  these  submodels  are  then  in  the  second  step  trans- 
formed to  consistency  relations.  The  benefit  with  this  two-step  ap- 
proach is  that  the  submodels  obtained  are  typically  much  smaller 
than  the  whole  model,  and  therefore  the  computational  complexity 
of  deriving  consistency  relations  from  each  submodel  is  substantially 
lower  compared  to  directly  manipulating  the  whole  model. 

The  main  contribution  and  the  focus  of  the  paper  is  a structural  al- 
gorithm for  finding  these  submodels.  Instead  of  directly  manipulating 
the  equations  themselves,  the  proposed  algorithm  only  deals  with  the 
structural  information  contained  in  the  model,  i.e.  which  variables 
that  appear  in  each  equation.  This  structural  information  is  collected 


in  a structural  model.  In  addition  to  finding  all  submodels  that  can 
be  used  to  derive  consistency  relations,  the  algorithm  also  selects  a 
small  set  of  submodels  that  corresponds  to  consistency  relations  with 
the  highest  possible  diagnosis  capability. 

In  industry,  design  of  diagnosis  systems  can  be  very  time  con- 
suming if  done  manually.  Therefore  it  is  important  that  methods  for 
diagnosis-system  design  are  as  systematic  and  automatic  as  possible. 
The  algorithm  presented  here  is  fully  automatic  and  only  needs  as 
input  a structural  model  of  the  system.  This  structural  model  can  in 
turn  easily  be  derived  from  for  example  simulation  models. 

Structural  approaches  have  also  been  studied  in  other  works  deal- 
ing with  fault  diagnosis.  In  [10]  a structural  approach  is  investi- 
gated as  an  alternative  to  dependency-recording  engines  in  consis- 
tency based  diagnosis.  Furthermore  a structural  approach  is  used  in 
the  study  of  supervision  ability  in  [2]  and  an  extension  to  this  work 
considering  sensor  placement  is  found  in  [12]. 

In  Sections  2 and  3,  structural  models  and  their  usefulness  in  fault 
diagnosis  are  discussed.  Then  in  Section  4,  a complete  description  of 
the  algorithm  is  given.  The  algorithm  is  then  in  Section  5 applied  to 
a large  nonlinear  industrial  process,  a part  of  a paper  plant.  In  spite 
of  the  complexity  of  this  process,  a small  set  of  consistency  relations 
with  high  diagnosis  capability  is  successfully  derived. 

2 Structural  models 

The  behavior  of  a system  is  described  with  a model.  Usually  the 
model  is  a set  of  equations.  A structural  model  [2]  contains  only  the 
information  of  which  variables  that  are  contained  in  each  equation. 
Let  Morig  denote  the  structural  model  obtained  from  the  equations, 
describing  the  system  to  be  diagnosed.  This  structural  model  will 
contain  three  different  kinds  of  variables:  known  variables  Y,  e.g. 
sensor  signals  and  actuators;  unknown  variables  Xu,  for  example 
internal  states  of  the  system;  and  finally  the  faults  F.  If  faults  are 
decoupled  then  they  will  also  be  included  in  Xu.  The  differentiated 
and  non-differentiated  version  of  the  same  variable  are  considered  to 
be  different  variables.  The  time  shifted  variables  in  the  time  discrete 
case  are  also  considered  to  be  separate  variables. 

A structural  model  can  be  represented  by  an  incidence  matrix  [4, 
1],  The  rows  correspond  to  equations  and  the  columns  to  variables.  A 
cross  in  position  ( i , j ) tells  that  variable  j is  included  in  equation  i. 

Example  1 A simple  example  is  a pump,  pimping  water  into  the  top 
of  a tank.  The  water  flows  out  of  the  tank  through  a pipe  connected 
to  the  bottom  of  the  tank.  The  known  variables  are  the  pump  input  u, 
the  measured  water  level  in  the  tank  xjh,  and  the  measured  flow  from 


the  tank  yj.  One  fault  denoted  fi  is  assumed  to  be  associated  with 
each  known  variable.  The  actual  flows  to  and  from  the  tank  are  de- 
noted Fi,  and  the  actual  water  level  in  the  tank  is  denoted  h.  Without 
knowing  the  exact  physical  equations  describing  the  analytic  model 
the  structural  model  can  be  set  up  as  follows: 
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Equation  ei  describes  the  pump,  e 2 the  conservation  of  volume  in 
the  tank,  e:i  the  water  level  measurement,  ti  the  flow  from  the  tank 
caused  by  the  gravity,  e*,  the  flow  measurement,  and  es  a fault  model 
for  the  flow  measurement  fault  fyf. 

3 Fault  Diagnosis  Using  Structural  Models 

The  task  is  to  find  submodels  that  can  be  used  to  form  consistency 
relations.  To  be  able  to  draw  a correct  conclusion  about  the  diagnos- 
ability  from  the  structural  analysis,  it  is  crucial  that  for  each  of  these 
submodels  there  is  a consistency  relation  that  validates  all  equations 
included  in  the  submodel.  The  common  definition  of  consistency  re- 
lation does  not  ensure  this.  Therefore  the  new  definition  of  consis- 
tency relation  for  an  equation  set  is  introduced  that  explicitly  points 
out  the  submodel  considered.  Before  consistency  relation  for  E is 
defined  some  notation  is  needed. 

Let  x and  y denote  the  vectors  of  variables  contained  in  Xu  and 
Y respectively.  Then  E(x,  y)  denote  an  equation  set  that  depends  on 
variables  contained  in  Xu  and  Y . 

Definition  1 (Consistency  Relation  for  E)  A scalar  equation 
c(y)  = 0 is  a consistency  relation  for  the  equations  E(x,  y)  iff 

3x£(x,  y)  <4-  c(y)  = 0 (2) 

and  there  is  no  proper  subset  of  E that  has  property  (2). 

Definition  1 differ  from  the  common  definition  of  consistency  re- 
lation in  two  ways,  the  left  implication  in  (2)  and  that  there  is  no 
proper  subset  of  E that  has  property  (2).  Refer  the  latter  as  the  min- 
imality condition  in  Definition  1.  The  following  example  shows  the 
importance  of  the  left  implication  in  (2). 

Example  2 Consider  the  model  E = (yi  = x,y2  = x,  y-s  — x}. 
The  equation  yi  — y2  = 0 is  not  a consistency  relation  for  E,  because 
it  is  true  even  if  e.g.  ys  f yi  = y2  and  then  it  is  impossible  to  find 
a consistent  x in  E.  However  j/i  — y2  = 0 is  a consistency  relation 
for  {j/i  = x,y2  = x}. 

The  expression  yi  + y2  — '2y:i  = 0 includes  y$.  The  right  im- 
plication in  (2)  holds,  but  the  opposite  direction  does  not  hold.  The 
conclusion  is  that  also  this  expression  is  not  a consistency  relation 
for  E or  any  equation  subset  of  E. 

However  (y\  — y2)2  + (y2  — ys)2  — 0 is  a consistency  relation 
for  E. 

The  minimality  condition  in  Definition  1 is  important,  because  it 
guarantees  that  any  invalid  equation  can  infer  an  inconsistency. 


3.1  Bask  Assumptions 

Basic  assumptions  are  needed  to  guarantee  that  the  subsets  found 
only  by  analyzing  structural  properties  are  exactly  those  subsets  that 
can  be  used  to  form  consistency  relations.  Before  the  basic  assump- 
tions are  presented,  some  notation  is  needed.  Let  E be  any  set  of 
equations  and  X any  set  of  variables.  Then  define  varx  (E)  = {x  6 
X\3e  6 E : e contains  a;}  and  eqUE(X)  = {e  6 E \3x  6 X : e 
contains  a;}.  Also,  let  varx(e ) and  equE{ x)  be  shorthand  notations 
for  varx({e})  and  equE{{x})  respectively.  If  g is  any  equation, 
function  or  variable,  let  denote  the  i:th  time  derivative  of  g.  Then 
define  vdrx(E)  = {undifferentiated  x\Bi(xf‘!  6 varx(E))},  e.g. 
varxuuY({y  = a:})  = {y,  at}.  Finally,  the  number  of  elements  in 
any  set  E is  denoted  |E|. 

The  first  assumption  is  introduced  to  ensure  that  the  model  be- 
comes finitely  differentiated  in  Section  4.1. 

Assumption  1 The  model  Morig  has  the  property 

YE  C MOTig  ■■  \E\  < \vWxuuy(E)\.  (3) 

The  meaning  of  condition  (3)  is  that  each  subset  of  equations  include 
more  or  equally  many  different  variables,  considering  derivatives  as 
the  same  variable.  If  condition  (1)  is  not  fulfilled  and  there  are  no 
redundant  equations,  the  model  would  normally  be  inconsistent. 

As  mentioned  earlier,  the  structural  model  contains  less  informa- 
tion than  the  analytical  model.  The  next  assumption  makes  it  possible 
to  draw  conclusions  about  analytical  properties  from  the  structural 
properties. 

Assumption  2 There  exists  a consistency  relation  c(y)  = 0 for  the 
equation  set  H iff 

VX'  C varxu(H),X'  f 0 : |X'|  < \equH(X’)\  (4) 

According  to  Assumption  2 the  unknown  variables  in  H can  be 
eliminated  if  and  only  if  it  holds  that  for  each  subset  of  variables  in 
H the  number  of  variables  is  less  then  the  number  of  equations  in  H 
which  contain  some  of  the  variables  in  the  chosen  subset. 

The  Assumptions  1 and  2 are  often  fulfilled.  For  example  all  sub- 
sets of  equations  found  in  the  industrial  example  in  the  end  of  the 
paper  satisfy  Assumption  2.  Even  though  the  ’’only  if’  direction  of 
Assumption  2 is  difficult  to  validate  in  an  application,  the  results  of 
the  paper  can  still  be  used  to  produce  a lower  bound  of  the  actual 
detection  and  isolation  capability. 

If  all  subsets  of  the  model  fulfill  Assumption  2,  the  structural  anal- 
ysis will  find  all  subsets  that  can  be  used  to  find  consistency  relations. 

3.2  Finding  Consistency  Relations  via  MSS  Sets 

Now,  the  task  of  finding  those  submodels  that  can  be  used  to  derive 
consistency  relations  will  be  transformed  to  the  task  of  finding  the 
subsets  of  equations  that  have  the  structural  property  (4).  To  do  this, 
two  important  structural  properties  are  defined  [9], 

Definition  2 (Structurally  Singular)  A finite  set  of  equations  E is 
structurally  singular  with  respect  to  the  set  of  variables  X if\E\  > 
\varx(E)\. 

Definition  3 (Minimal  Structurally  Singular)  A structurally  sin- 
gular set  is  a minimal  structurally  singular  (MSS)  set  if  none  of  its 
proper  subsets  are  structurally  singular. 


For  simplicity,  MSS  will  always  mean  MSS  with  respect  to  Xu  in 
the  rest  of  the  text.  The  next  theorem  tells  that  it  is  sufficient  and  nec- 
essary to  find  all  MSS  sets  to  get  all  different  sets  that  can  be  utilized 
to  form  consistency  relations.  The  task  of  finding  all  submodels  that 
can  be  used  to  derive  consistency  relations  has  thereby  been  trans- 
formed to  the  task  of  finding  all  MSS  sets. 

Theorem  1 Let  H C M„rig,  where  MOTig  fulfills  Assumption  1. 
Further,  let  H and  all  Ei  fulfill  Assumption  2.  Then  there  exists  a 
consistency  relation  c(y)  = 0 for  H(x.,  y)  where  \H\  < oo  iff  H = 
Ui  Ei  where  for  each  i,  Ei  is  an  MSS  set. 

For  a proof,  see  [7], 

4 Algorithm  for  finding  and  selecting  MSS  sets 

The  objective  is  to  find  all  MSS  sets  in  a differentiated  version  of  the 
model  Morig  and  then  choose  a small  subset  of  these  MSS  sets  with 
the  same  diagnosability  as  the  full  set  of  MSS  sets.  The  algorithm 
can  be  summarized  in  the  following  steps. 

Algorithm  1 

1.  Differentiating  the  model:  Find  equations  that  are  meaningful  to 
differentiate  for  finding  MSS  sets. 

2.  Simplifying  the  model:  Given  the  original  model  and  the  addi- 
tional equations  found  in  step  (1),  remove  all  equations  that  can- 
not he  included  in  any  MSS  set.  To  simplify  the  next  step,  merge 
sets  of  equations  that  have  to  he  used  together  in  each  MSS  set. 

5.  Finding  MSS  sets:  Search  for  MSS  sets  in  the  simplified  model. 

4.  Analyzing  Diagnosability:  Examine  the  diagnosability  of  the  MSS 
sets  found  in  step  (3). 

5.  Decoupling  faults:  If  the  diagnosability  has  to  he  improved,  some 
faults  have  to  he  decoupled.  For  decoupling  faults,  return  to 
step  ( 1 ) and  consider  these  faults  as  unknown  variables  in  X„. 

6.  Selecting  a subset  of  MSS  sets:  Select  the  simplest  set  of  MSS  sets 
that  contains  the  desired  diagnosability. 

Note  that  to  avoid  searching  for  all  MSS  sets  decoupling  all  possi- 
ble faults,  Algorithm  1 has  been  organized  so  that  first,  the  fault  free 
model  is  analyzed.  Then  if  it  is  necessary  for  achieving  higher  isola- 
bility, faults  are  decoupled.  The  following  sections  discuss  each  of 
the  steps  in  Algorithm  1 . 

4.1  Differentiating  the  Model 

To  handle  dynamic  models,  Algorithm  1 needs  a way  to  deal  with 
derivatives.  In  this  section  an  algorithm  for  handling  derivatives  is 
defined.  This  algorithm  is  referred  to  as  Algorithm  2.  A small  exam- 
ple will  show  what  Algorithm  2 must  be  capable  of  handling. 

Example  3 Consider  the  model  E = {ei,  e2,  e.s}  = {yi  = x,  yi  = 
x,  j/3  = x2}.  It  is  obviously  impossible  to  eliminate  x in  ei  if  dif- 
ferentiation of  any  equation  is  forbidden.  In  general,  all  derivatives 
of  E have  to  be  considered.  If  E('l)  denote  the  set  of  the  i:th  time 
derivative  of  each  element,  the  equation  set  generally  considered  is 
U ZoE(i). 

Even  though  varxu(e i)  = varxu(e 3)  = {x}  the  derivatives  of 
ei  and  c?,  contain  different  sets  of  variables,  because  varxu  (ei)  = 
{£}  f varxu  {e 3)  = {x,x}.  Since  x is  linearly  contained  in  ei, 
the  variable  x in  ei  disappears.  Knowledge  about  which  of  the  vari- 
ables that  are  contained  linearly  in  an  equation  determines  the  set  of 
variables  in  the  differentiated  equation  completely. 


For  all  natural  numbers  j,  ;yp+l)  — yf)  = 0 is  a consistency 
relation.  Most  of  these  consistency  relations  contain  high  orders  of 
derivatives  of  y\  and  2/2.  The  derivatives  of  known  variables  are  in 
general  not  known,  but  they  can  usually  be  estimated.  The  higher 
order  of  derivative,  the  more  difficult  it  is  to  estimate  the  derivative. 
Thus  it  is  reasonable  to  make  a limitation  m(y)  for  variable  y of  the 
order  of  derivative  that  can  be  considered  as  possible  to  estimate. 
Derivatives  up  to  m(y)  are  then  considered  to  be  known  and  higher 
derivatives  belong  to  Xu. 

To  summarize  the  example,  Algorithm  2 must  be  capable  of  differ- 
entiating equations.  To  produce  a correct  structural  representation  of 
differentiated  equations,  the  algorithm  must  take  linearly  contained 
variables  into  account.  Further,  it  has  to  handle  the  limitation  m(y) 
for  each  y 6 Y. 

Algorithm  2 consists  of  two  parts.  The  first  part  is  a modification  of 
Pantelides’  algorithm  [9].  Let  M = U”=i  Uyio  }» then  an  is  the 
highest  number  of  differentiations  in  M of  equation  i.  Then  M is  a 
differentiated  model  of  Morig  = Uf=i{ei}-  Let  {ei°‘i'1 11  < i < n} 
be  the  set  of  most  differentiated  equations  in  M.  The  highest  deriva- 
tive of  a non-differentiated  variable  x in  the  model  M is  defined  as 
max({j|x^  6 varxu(M)}). 

Pantelides’  algorithm  differentiates  equation  subsets,  so  that  the 
original  equations  together  with  the  differentiated  equations  have  a 
complete  matching  [4]  of  the  most  differentiated  equations  into  the 
unknown  variables  with  the  highest  derivatives. 

The  modification  of  Pantelides’  algorithm  is  that  derivatives  of 
known  variables,  higher  or  equal  to  m,(y),  are  also  allowed  to  be 
included  in  the  matching. 

Algorithm  2 

Input:  The  original  model  Morig,  a description  of  which  variables 
that  are  linearly  contained,  and for  each  y 6 vary  (Morig),  m(y)  < 
00. 

(1)  Apply  the  modified  Pantelides  ’ algorithm  to  Morig  and  the  limits 
m.(y).  The  output  is  the  number  of  times  each  equation  must  be 
differentiated  to  find  all  MSS  sets. 

(2)  Differentiate  the  equations  in  Morig  the  number  of  times  sug- 
gested in  step  (1)  and  use  the  description  of  which  variables  that 
are  linearly  contained,  to  get  the  correct  structural  description  of 
the  differentiated  structural  model  denoted  Muff. 

Output:  Mdiff. 

It  is  critical  that  step  (1)  in  Algorithm  2 terminates,  i.e.  no  equation 
should  be  differentiated  an  infinite  number  of  times.  In  Pantelides 
(1988)  the  condition  when  the  algorithm  terminates  is  stated.  This 
condition  can  be  written  as  the  structural  property  (3).  Since  the 
model  Morig  has  this  property  according  to  Assumption  1,  the  al- 
gorithm will  terminate. 

Let  now  MSS(M)  denote  the  set  of  MSS  sets  found  in  equations 
M and  MSSaii(M ) = MSS(li'fz0M(-tl).  Then  it  is  possible  to 
state  the  following  theorem  proven  in  [7]. 

Theorem  2 If  Assumption  1 is  satisfied  and  for  each  y 6 
vary  {MOTig),  m,(y)  < 00,  then 

MSSal, (MOTig)  = MSS(Mdiff) 

The  consequence  of  this  theorem  is  that  all  MSS  sets  that  are  possible 
to  find  if  the  original  model  Morig  is  differentiated  an  infinite  number 
of  times,  can  always  be  found  in  Mdiff. 


Example  4 The  following  example  is  a continuation  of  Example  1 
with  the  structural  model  shown  in  (1).  Let  rn(u)  = rn(y /)  = 1 
and  m(ijh)  = 0.  According  to  Algorithm  1 the  first  iteration  uses 
the  fault  free  model,  i.e.  all  faults  are  zero.  The  equation  e%  contains 
only  a fault.  Since  all  faults  are  at  the  moment  assumed  to  he  zero, 
then  ee  is  not  considered.  Further,  assume  that  no  variable  is  linearly 
contained  in  any  equation.  Then  no  variable  will  disappear  in  the  dif- 
ferentiation. The  structural  model  Mdiff  obtained  from  Algorithm  2 
is 
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4.2  Simplifying  the  Model 


This  makes  one  group  of  {ei,  ez,  e^,  ef\.  This  search  made  simplifi- 
cations and  therefore  the  search  is  performed  once  more.  The  second 
time  no  simplifications  have  been  done  and  the  simplification  step  is 
therefore  complete.  The  remaining  system  is 
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4.3  Finding  MSS  Sets 

After  the  simplification  step  is  completed,  step  (3)  in  Algorithm  1 
finds  all  MSS  sets  in  the  simplified  model  MSirnp.  This  section  ex- 
plains how  the  MSS  sets  are  found. 

The  task  is  to  find  all  MSS  sets  in  the  model  Msi,np  with  equations 
{ei,  • • • , e„}.  Let  Af*  = {e^,  — • , en } be  the  last  n — k + 1 equa- 
tions. Let  E be  the  current  set  of  equations  that  is  examined.  The  set 
of  MSS  sets  found  is  denoted  Maig 3.  Then  the  following  algorithm 
finds  all  MSS  sets  in  M„irnp. 


It  is  a complex  task  to  find  all  MSS  sets  in  a structural  model.  There- 
fore it  can  be  of  great  help  if  it  is  possible  to  simplify  the  model.  Here 
two  kinds  of  simplifications  are  used. 

In  a first  step,  all  equations  in  Mdiff  that  include  any  variable 
that  is  impossible  to  eliminate,  are  removed.  This  can  be  done  with 
Canonical  Decomposition  [2], 

In  a second  step,  variables  that  can  be  eliminated  without  losing 
any  structural  information  are  found.  The  rest  of  this  section  will  be 
devoted  to  a discussion  about  this  second  step. 

If  there  is  a set  X C Xu  with  the  property  1 + j.Yj  = 
I cxpiMdif  s {X)  | , then  all  equations  in  equMdiff  (-Y ) have  to  be  used 
to  eliminate  all  variables  in  X.  Since  all  unknown  variables  must  be 
eliminated  in  an  MSS  set  this  means  particularly  that  all  MSS  sets 
including  any  equation  of  equ,Mdiff  (X)  has  to  include  all  equations 
in  equMdlff  (X).  The  idea  is  to  find  these  sets.  Then  it  is  possible  to 
eliminate  internal  variables,  here  denoted  -Y,  in  these  sets.  Every  set 
is  replaced  with  one  new  equation. 

This  second  simplification  step  finds  subsets  of  variables  that  are 
included  in  exactly  one  more  equation  than  the  number  of  variables. 
To  reduce  the  computational  complexity,  a complete  search  for  such 
sets  is  in  fact  not  performed  here.  Instead  only  a search  for  single 
variables  included  in  two  equations  is  done.  When  a variable  is  in- 
cluded in  just  two  equations,  these  equations  are  used  to  eliminate 
the  variable.  If  all  variables  are  examined  and  some  simplification 
was  possible,  then  all  remaining  variables  have  to  be  examined  once 
more.  When  no  more  simplifications  can  be  made,  the  simplification 
step  is  finished  and  the  resulting  structural  model  is  denoted  MSimp. 
Note  that  with  this  strategy  larger  sets  than  two  equations  will  also 
be  found,  since  the  algorithm  can  merge  sets  found  in  previous  steps. 

The  next  theorem  ensures  that  no  MSS  set  is  lost  in  the  simplifica- 
tion step. 

Theorem  3 MSS(Mdiff)  = MSS(Msimp) 

For  a proof,  see  [7].  Consider  again  Example  4 and  the  output  (5) 
from  the  differentiation  step.  No  equations  can  be  removed  in  the 
first  simplification  step. 

The  second  step  searches  for  variables  which  belong  only  to  two 
equations.  In  the  first  search,  the  algorithm  finds  Fi  in  {ei,  ez},  F>  in 
{e.4,  es},  and  h in  the  equations  produced  by  {ei , ez. } and  {e4,  es}. 


Algorithm  3 

Input:  The  model  Msirnp. 

1.  Set  k = 1 and  Maig3  = 0. 

2.  Choose  equation  eu-  Let  E = {e*}  and  X = 0. 

3.  Find  all  MSS  sets  that  are  subsets  of  Mk  and  include  equation  ek. 

(a)  Let  X = varxu  (E)\X  be  the  unmatched  variables. 

(h)  lfX  = 0,  then  E is  an  MSS  set.  Insert  E into  Maig 3. 

(c)  Else  take  a remaining  variable  x 6 X and  let  X = X U 
{x}.  Let  E = equMk\E{x)  be  the  remaining  equations.  For 
all  equations  e in  E let  E = E U {e}  and  goto  (a). 

4.  Ifk  < nsetk  = k+  \ and  goto  number  (2). 


Output:  The  set  of  MSS  sets  found,  i.e.  Maigz- 

Algorithm  3 finds  all  MSS  sets  in  MoriS  according  to  the  next  theo- 
rem proven  in  [7]. 

Theorem  4 Maig3  = MSS{Msirnv) 

The  following  small  example  with  five  equations  shows  how  the  al- 
gorithm works. 
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This  model  gives  the  following  time  evolution  of  current  equations, 
i.e.  E in  Algorithm  3 is 


3 3 3 


4 

3 3 


3 


The  bold  columns  represent  the  MSS  sets  found.  This  example 
also  shows  that  if  there  are  several  matchings  including  the  same 
equations,  the  algorithm  finds  the  same  subset  of  equations  several 
times. 


4.4  Analyzing  Diagnosability 

When  the  MSS  sets  are  found,  the  next  step  is  to  analyze  their  di- 
agnosability, The  continuation  of  the  example  in  (6)  will  be  used  to 
illustrate  how  this  analysis  is  done.  The  4 MSS  sets  that  can  be  found 
in  (6)  are  shown  in  the  left  column  in  Figure  1 (a).  The  matrix  in  this 
figure  is  the  incidence  matrix  of  the  MSS  sets  in  (6).  If  any  equation 
in  the  MSS  set  i include  fault  j,  the  element  ( i , j)  of  the  incidence 
matrix  is  equal  to  X.  Note  that  an  X in  position  (i,  j)  is  no  guar- 
antee for  fault  j to  appear  in  the  MSS  set  i.  For  an  example  of  the 
interpretation  of  an  incidence  matrix,  consider  the  third  MSS  set  in 
Figure  1 (a).  This  MSS  set  could  contain  fu  and  ftJf,  but  it  is  impos- 
sible that  it  could  contain  since  fyh  is  only  included  in  equation 
eg.  For  simplicity,  the  derivatives  of  the  faults  are  omitted  in  Figure  1 . 

If  the  number  of  different  faults  is  large  it  is  not  easy  to  see  which 
faults  that  can  be  isolated  from  each  other.  The  incidence  matrix  of 
the  MSS  sets  show  which  faults  that  could  be  responsible  for  an  in- 
consistency of  each  MSS  set,  but  it  is  more  interesting  to  see  which 
faults  that  can  be  explained  by  other  faults,  A fault  matrix  shows  the 
maximum  isolation  and  detection  capability  of  the  diagnosis  system. 
The  maximum  isolation  capability  with  a diagnosis  system  designed 
with  this  structural  method  is  obtained  if  it  is  assumed  that  each  fault 
makes  all  MSS  sets  including  this  fault  inconsistent.  If  fault  j is  sen- 
sitive to  at  least  all  MSS  sets  that  fault  i is  sensitive  to,  then  element 
(i,  j)  of  the  fault  matrix  is  equal  to  X.  The  interpretation  of  an  X in 
position  ( i , j ) is  that  fault  /;  can  not  be  isolated  from  fault  fj. 

The  fault  matrix  corresponding  to  the  incidence  matrix  in  Fig- 
ure 1 (a)  is  shown  in  Figure  1 (b).  Consider  the  first  row  of  the  fault 
matrix.  Suppose  that  fault  fu  is  present.  Then,  the  first  three  MSS 
sets  are  not  satisfied  in  an  ideal  case.  This  means  that  /„  certainly 
can  explain  fault  fu,  but  also  fyj  can  explain  fault  fu.  Fault  fyi, 
cannot  explain  fault  /„,  since  if  fyh  is  present,  the  third  MSS  set  is 
satisfied.  Note  that  the  fault  matrix  is  not  symmetric.  For  example 
fault  fyj  can  explain  fault  fu  but  the  opposite  is  not  true.  The  fault 
matrix  can  more  easily  be  analyzed  after  Dulmage-Mendelsohn  per- 
mutations [8],  This  algorithm  returns  a maximal  matching  [4]  which 
is  in  block  upper-triangular  form.  The  diagonal  blocks  corresponds 
to  strong  Flail  components  of  the  adjacency  graph  of  the  fault  ma- 
trix. The  interpretation  is  that  faults  in  a diagonal  block  can  never 
be  distinguished  with  that  diagnosis  system.  In  the  small  example  in 
Figure  1 (b),  the  same  matrix  is  returned  after  Dulmage-Mendelsohn 
permutations,  which  usually  is  not  the  case.  The  diagonal  blocks  are 
the  1 x 1 diagonal  elements. 


(a)  (b) 

Figure  1.  The  incidence  matrix  of  MSS  sets  is  shown  in  (a).  The  fault 
matrix  of  (a)  is  shown  in  (b). 


4.5  Decoupling  faults 

Suppose  that  the  element  (i,  j ) of  the  fault  matrix  is  equal  to  -Y  for 
some  i f=-  j.  It  could  still  be  possible  to  isolate  fault  i from  fault 
j by  trying  to  decouple  fault  j.  Include  fault  j among  the  unknown 


variables  Xu  and  search  for  new  MSS  sets  by  applying  Algorithm  1 
step  (1)  to  the  new  model  obtained.  An  MSS  set  that  is  able  to  isolate 
fault  i from  fault  j has  to  include  at  least  one  equation  that  includes 
fault  i.  If  any  such  MSS  set  is  found,  it  has  to  include  an  elimination 
of  fault  j.  If  not,  this  MSS  would  have  been  discovered  earlier. 

In  the  example  in  Figure  1,  the  fault  matrix  shows  that  f u and  fyh 
can  not  be  isolated  from  /„/.  The  problem  is  that  there  is  no  MSS  set 
that  decouple  fault  /„/.  But  there  could  be  one  if  fyj  is  eliminated. 
The  fault  /„/  is  moved  from  the  faults  F to  the  unknown  variables 
Xu.  The  procedure  starts  all  over  from  the  step  ( 1)  in  Algorithm  1. 
The  result  is  a new  MSS  set  in  which  fyj  is  decoupled.  This  gives  a 
possibility  to  detect  and  isolate  all  faults. 


4.6  Selecting  a Subset  of  MSS  Sets 

It  is  not  unusual  that  the  number  of  MSS  sets  found  is  very  large. 
Many  of  the  MSS  sets  probably  use  almost  as  many  equations  as  un- 
known variables  in  the  entire  system.  These  MSS  sets  usually  rely 
on  too  many  uncertainties  to  be  usable  for  fault  isolation.  Small  MSS 
sets  are  more  robust  and  are  usually  sensitive  to  fewer  faults.  There- 
fore the  goal  must  be  to  find  the  set  of  most  robust  MSS  sets  but  with 
the  same  diagnosis  capability  as  the  set  of  all  MSS  sets. 

Start  to  sort  the  MSS  sets  in  an  ascending  order  of  complexity.  The 
complexity  measure  is  here  the  number  of  equations,  even  though 
more  informative  measures  are  also  a possibility.  The  MSS  sets  are 
examined  in  the  rearranged  order.  If  an  MSS  set  increase  the  diag- 
nosability, then  select  the  MSS  set.  The  diagnosability  is  increased  if 
some  fault  becomes  detectable  or  some  fault  i can  be  isolated  from 
some  other  fault  j.  This  means  that  for  each  detection  of  a fault  and 
for  each  isolation  between  two  faults,  the  smallest  MSS  sets  with  this 
diagnosis  ability  will  be  one  of  the  chosen  MSS  sets.  In  this  way  the 
final  output  from  Algorithm  1 will  be  the  most  robust  set  of  MSS  sets 
with  highest  possible  diagnosis  capability. 


5 Industrial  example:  A part  of  a paper  plant 

This  example  is  a stock  preparation  and  broke  treatment  system  of  a 
paper  plant  located  in  Australia.  The  system  is  used  for  mixing  and 
purifying  recycled  paper  for  production  of  new  paper.  An  overview 
of  the  system  is  shown  in  Figure  2. 


To  screen 


Figure  2.  A stock  preparation  and  broke  treatment  system  of  a paper  plant. 


5.1  System  Description 


5.3  Simplifying  the  Model 


Most  parts  of  the  system  are  nonlinear  and  it  is  only  the  tank  and  the 
pulper  that  are  considered  to  be  dynamic.  The  model  has  shown  to 
compare  well  to  real  measured  data.  Because  of  space  considerations, 
the  details  of  the  model  are  omitted,  but  can  be  found  in  [7],  The 
system  has  4 states:  the  volume  and  concentration  in  the  pulper  and  in 
the  tank.  There  are  6 sensors  in  the  system.  Sensor  yi  and  3/3  measure 
the  water  levels  of  the  pulper  and  the  tank  respectively,  3/2  and  3/4 
measure  concentration,  3/5  and  ye  measure  pressure.  The  flows  and 
concentrations  into  this  system  are  known  and  the  flows  out  from  the 
system  are  also  known.  There  are  6 valves  and  two  pumps  that  are 
actuators  with  known  inputs. 

There  are  2 1 faults  that  are  considered.  All  sensors  can  have  a con- 
stant offset  fault  (/1, . . . , fe).  All  valves  can  have  a constant  offset 
in  the  actuator  signal  (fr,. . . , /12).  Clogging  can  occur  in  the  pipes 
near  the  valves  (fis, . . . , /is)  and  also  directly  after  the  tank  /19. 
Finally,  the  pumps  can  have  a constant  offset  in  the  actuator  signal 
(/20,  /21). 

The  system  is  described  by  29  equations.  Equations  (ei,..., 
64)  describe  the  dynamics,  (e5,...,ei4)  are  pressure  loops,  eis 
relates  the  concentration  in  the  junction  after  the  tank  with  the 
flows  F4  and  Fe,  (eis,  ei7)  describe  the  two  pumps,  (eig, . . . , eye) 
are  valve  equations,  (ea4, . . . ,e2e)  are  flow  equations,  and  finally 
(e-27, . . . , e2s)  are  sensor  equations  for  sensor  1,2,  and  3.  The  struc- 
tural model  for  these  equations  can  be  viewed  in  the  first  29  rows  in 
the  matrices  in  Figure  3. 


In  the  first  step  of  simplification  applied  to  the  left  matrix  in  Figure  3, 
the  equations  {27, 28, 29}  include  variables  belonging  only  to  one 
equation,  i.e.  they  cannot  be  included  in  any  MSS  sets. 

The  second  part  of  the  simplification  finds  that  the  vari- 
ables {9, 17, 18, 19, 20,  21, 25, 26, 27,  28, 29, 30, 31}  can  be  elim- 
inated. The  equations  that  form  groups  are  {1,52},  {2,53}, 
{3, 54},  {4, 15, 40},  {32, 41, 44},  {39, 48, 51},  {31, 43},  {35, 45}, 
{37,46}  and  {36,47}.  The  simplified  structural  model  is  shown  in 
Figure  4 (a).  Note  the  simplification  of  the  model  by  comparing  Fig- 
ure 3 and  Figure  4 (a). 


(a) 


(b) 


5.2  Differentiating  the  Model 

The  highest  order  of  derivatives  that  is  known  for  all  known  vari- 
ables are  assumed  to  be  one.  If  a variable  is  contained  linearly  in 
an  equation  the  variable  disappears  in  the  differentiated  expression. 
This  knowledge  is  used  since  the  equations  are  known.  Algorithm  2 
is  applied  to  the  first  29  equations  in  Figure  3.  The  result  is  that  all 
equations  except  equation  1,  2,  3,  and  4 are  differentiated.  This  re- 
sults in  additionally  25  differentiated  equations  shown  in  the  lower 
part  of  Figure  3. 


Figure  3.  Structural  model  of  the  stock  preparation  and  broke  treatment 
system. 


Figure  4.  The  simplified  structural  model  is  shown  in  (a).  The  incidence 
matrix  of  the  MSS  sets  is  shown  in  (b) 


5.4  Finding  MSS  sets 

Algorithm  3 is  then  applied  to  the  simplified  model.  The  algorithm 
returns  35770  MSS  sets  that  are  contained  in  the  simplified  model. 
The  largest  MSS  set  consists  of  24  equations. 

5.5  Analyzing  Diagnosability 

The  two  different  fault  matrices  are  seen  in  Figure  5.  The  Dulmage- 
Mendelsohn  permutations  gives  that  the  faults  {7, 13},  {8, 14}, 
{9, 15},  {10, 16}, {11, 17}  and  {12, 18}  are  never  distinguishable. 
These  pairs  of  faults  all  belong  pairwise  to  the  same  valve.  This  iso- 
lation performance  for  faults  concerning  valves  is  in  this  case  ac- 
ceptable. To  give  an  example  of  how  elimination  of  faults  is  done, 
the  attention  is  focused  on  isolating  faults  4,  8,  and  14. 

5.6  Decoupling  faults 

Considering  Figure  5,  it  is  still  important  to  discover  if  any  MSS  set 
can  decouple  fault  2 or  3 and  be  sensitive  to  fault  4.  It  is  also  neces- 
sary to  decouple  fault  20.  Apply  Algorithm  1 to  the  original  model, 
but  where  fault  2 now  is  considered  to  be  an  unknown  variable.  Then 
apply  the  Algorithm  1 to  the  model  where  faults  3 is  decoupled  and 
finally  also  when  fault  20  is  decoupled.  The  algorithm  finds  thereby 
additional  MSS  sets  that  isolate  fault  4,  8,  and  14. 


5.7  Selecting  a subset  of  MSS  sets 

The  24  chosen  MSS  sets  are 


From  these  sets  and  the  structural  model  in  Figure  3 the  incidence 
matrix  in  Figure  4 (b)  is  obtained. 


Figure  5.  These  matrices  are  the  fault  matrices  before  (a)  and  after  (b)  the 
Dulmage-Mendelsohn  permutation. 


5.8  Generating  Consistency  Relations 

Consistency  relations  corresponding  to  the  24  MSS  sets  are  calcu- 
lated by  using  the  function  Eliminate  in  Mathematica.  Most  of  the 
equations  in  the  model  are  polynomial  equations.  For  polynomial 
equation-systems,  the  function  Eliminate  uses  Grobner  Basis  tech- 
niques for  elimination.  Each  MSS  set  with  7 or  less  equations  was 
easily  eliminated  to  a consistency  relation.  The  consistency  relations 
from  the  MSS  set  17  and  18  were  obtained  from  the  Eliminate  func- 
tion, but  were  to  complex  to  be  numerically  reliable.  Elimination  of 
the  unknown  variables  in  MSS  sets  with  8 or  more  equations  was 
computational  intractable  with  the  Eliminate  function.  Therefore,  by 
using  only  consistency  relations  obtained  from  the  15  first  MSS  sets, 
the  isolation  capability  was  reduced  slightly.  Some  further  results  of 
the  investigation  can  be  found  in  [7], 


the  consistency  relations,  which  give  the  fault  detection  and  the  fault 
isolation  capability. 

The  method  is  capable  of  handling  general  differential-algebraic 
non-causal  equations.  Further,  the  method  is  not  limited  to  any  spe- 
cial type  of  fault  model.  Algorithm  1 finds  all  submodels  that  can 
be  used  to  derive  consistency  relations  and  this  is  proven  in  Theo- 
rem 2,  3,  and  4.  The  key  step  in  Algorithm  1 is  step  (3)  that  finds  all 
MSS  sets  in  the  model  it  is  applied  to. 

Finally  the  method  has  been  applied  to  a large  nonlinear  industrial 
example,  a part  of  a paper  plant.  The  algorithm  successfully  manage 
to  derive  a small  set  of  submodels.  In  spite  of  the  complexity  of  this 
process,  a sufficient  number  of  submodels  could  be  transformed  to 
consistency  relations  so  that  high  diagnosis  capability  was  obtained. 
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6 Conclusion 

This  paper  has  presented  a systematic  and  automatic  method  for  find- 
ing a small  set  of  submodels  that  can  be  used  to  derive  consistency 
relations  with  highest  possible  diagnosis  capability.  The  method  is 
based  on  graph  theoretical  reasoning  about  the  structure  of  the  model. 
It  is  assumed  that  a condition  on  algebraic  independency  is  fulfilled. 

An  important  idea,  towards  finding  these  submodels,  is  to  use  the 
mathematical  concept  minimal  structurally  singular  sets.  These  sets 
have  in  Theorem  1 been  shown  to  characterize  these  submodels,  i.e. 


